Add SQL script to assign user roles to everyone

database/V28.0/CREATE_HMR_SALT_REPORT.sql

@@ -1,14 +1,85 @@
 -- Script to create and enable Salt Reporting in HMCR database.
 
-USE HMR_DEV; -- uncomment appropriate instance
---USE HMR_TST;
---USE HMR_UAT;
---USE HMR_PRD;
-GO
+-- ROLE AND PERMISSION BINDING:
+-- Step 1: Insert into HMR_PERMISSION and capture PERMISSION_ID
+DECLARE @NewPermissionID TABLE (PERMISSION_ID INT);
+INSERT INTO [dbo].[HMR_PERMISSION] 
+    ([PERMISSION_ID],[NAME],[DESCRIPTION],[END_DATE],[APP_CREATE_USERID],[APP_CREATE_TIMESTAMP],[APP_CREATE_USER_GUID],[APP_CREATE_USER_DIRECTORY],[APP_LAST_UPDATE_USERID],[APP_LAST_UPDATE_TIMESTAMP],[APP_LAST_UPDATE_USER_GUID],[APP_LAST_UPDATE_USER_DIRECTORY]) 
+OUTPUT INSERTED.PERMISSION_ID INTO @NewPermissionID
+VALUES 
+    (NEXT VALUE FOR [dbo].[HMR_RL_PERM_ID_SEQ],'SALT','Salt Reporting',NULL,user_name(),GETUTCDATE(),'31587d92-0297-4493-a7e5-c078c6ba0d37','IDIR',user_name(),GETUTCDATE(),'31587d92-0297-4493-a7e5-c078c6ba0d37','IDIR');
+
+-- Step 2: Insert into HMR_ROLE and capture ROLE_ID
+DECLARE @NewRoleID TABLE (ROLE_ID INT);
+INSERT INTO [dbo].[HMR_ROLE] 
+    ([ROLE_ID],[NAME],[DESCRIPTION],[END_DATE],[APP_CREATE_USERID],[APP_CREATE_TIMESTAMP],[APP_CREATE_USER_GUID],[APP_CREATE_USER_DIRECTORY],[APP_LAST_UPDATE_USERID],[APP_LAST_UPDATE_TIMESTAMP],[APP_LAST_UPDATE_USER_GUID],[APP_LAST_UPDATE_USER_DIRECTORY]) 
+OUTPUT INSERTED.ROLE_ID INTO @NewRoleID
+VALUES 
+    (NEXT VALUE FOR [dbo].[HMR_RL_ID_SEQ],'Salt Reporting','Submit and view Submitted Annual Salt Report',NULL,user_name(),GETUTCDATE(),'31587d92-0297-4493-a7e5-c078c6ba0d37','IDIR',user_name(),GETUTCDATE(),'31587d92-0297-4493-a7e5-c078c6ba0d37','IDIR');
+
+-- Step 3: Insert into HMR_ROLE_PERMISSION using captured PERMISSION_ID and ROLE_ID
+INSERT INTO [dbo].[HMR_ROLE_PERMISSION] 
+    ([ROLE_PERMISSION_ID],[ROLE_ID],[PERMISSION_ID],[END_DATE],[APP_CREATE_USERID],[APP_CREATE_TIMESTAMP],[APP_CREATE_USER_GUID],[APP_CREATE_USER_DIRECTORY],[APP_LAST_UPDATE_USERID],[APP_LAST_UPDATE_TIMESTAMP],[APP_LAST_UPDATE_USER_GUID],[APP_LAST_UPDATE_USER_DIRECTORY]) 
+SELECT 
+    NEXT VALUE FOR [dbo].[HMR_RL_PERM_ID_SEQ], 
+    r.ROLE_ID, 
+    p.PERMISSION_ID, 
+    NULL, 
+    user_name(), 
+    GETUTCDATE(), 
+    '31587d92-0297-4493-a7e5-c078c6ba0d37', 
+    'IDIR', 
+    user_name(), 
+    GETUTCDATE(), 
+    '31587d92-0297-4493-a7e5-c078c6ba0d37', 
+    'IDIR'
+FROM @NewRoleID r, @NewPermissionID p;
+
+-- Step 4: Assign the newly created role to all users in HMR_SYSTEM_USER, with END_DATE check
+DECLARE @UserID INT;
+DECLARE @CapturedRoleID INT;
+
+-- Retrieve the single role ID from the table variable
+SELECT @CapturedRoleID = ROLE_ID FROM @NewRoleID;
+
+DECLARE user_cursor CURSOR FOR 
+SELECT SYSTEM_USER_ID 
+FROM [dbo].[HMR_SYSTEM_USER]
+WHERE END_DATE IS NULL OR END_DATE > GETDATE();
+
+OPEN user_cursor;
+
+FETCH NEXT FROM user_cursor INTO @UserID;
+
+WHILE @@FETCH_STATUS = 0
+BEGIN
+    INSERT INTO [dbo].[HMR_USER_ROLE] 
+        ([USER_ROLE_ID],[ROLE_ID],[SYSTEM_USER_ID],[END_DATE],[APP_CREATE_USERID],[APP_CREATE_TIMESTAMP],[APP_CREATE_USER_GUID],[APP_CREATE_USER_DIRECTORY],[APP_LAST_UPDATE_USERID],[APP_LAST_UPDATE_TIMESTAMP],[APP_LAST_UPDATE_USER_GUID],[APP_LAST_UPDATE_USER_DIRECTORY]) 
+    SELECT 
+        NEXT VALUE FOR [dbo].[HMR_USR_RL_ID_SEQ], 
+        @CapturedRoleID, 
+        @UserID, 
+        NULL, 
+        user_name(), 
+        GETUTCDATE(), 
+        '31587d92-0297-4493-a7e5-c078c6ba0d37', 
+        'IDIR', 
+        user_name(), 
+        GETUTCDATE(), 
+        '31587d92-0297-4493-a7e5-c078c6ba0d37', 
+        'IDIR'
+    WHERE NOT EXISTS (
+        SELECT 1
+        FROM [dbo].[HMR_USER_ROLE] ur
+        WHERE ur.ROLE_ID = @CapturedRoleID 
+        AND ur.SYSTEM_USER_ID = @UserID
+    );
 
-INSERT INTO [dbo].[HMR_PERMISSION] ([PERMISSION_ID],[NAME],[DESCRIPTION],[END_DATE],[CONCURRENCY_CONTROL_NUMBER],[APP_CREATE_USERID],[APP_CREATE_TIMESTAMP],[APP_CREATE_USER_GUID],[APP_CREATE_USER_DIRECTORY],[APP_LAST_UPDATE_USERID],[APP_LAST_UPDATE_TIMESTAMP],[APP_LAST_UPDATE_USER_GUID],[APP_LAST_UPDATE_USER_DIRECTORY],[DB_AUDIT_CREATE_USERID],[DB_AUDIT_CREATE_TIMESTAMP],[DB_AUDIT_LAST_UPDATE_USERID],[DB_AUDIT_LAST_UPDATE_TIMESTAMP]) 
-VALUES (NEXT VALUE FOR [dbo].[HMR_RL_PERM_ID_SEQ],'SALT','Salt Reporting',NULL,1,user_name(),GETUTCDATE(),'31587d92-0297-4493-a7e5-c078c6ba0d37','IDIR',user_name(),GETUTCDATE(),'31587d92-0297-4493-a7e5-c078c6ba0d37','IDIR','IDIR\ISEAN',GETUTCDATE(),'IDIR\ISEAN',GETUTCDATE());
+    FETCH NEXT FROM user_cursor INTO @UserID;
+END;
 
+CLOSE user_cursor;
+DEALLOCATE user_cursor;
 
 -- Sequence Definitions
 -- HMR_SLT_RPT_ID_SEQ: Sequence for report IDs

database/rollback/ROLLBACK_HMR_SALT_REPORT.sql

@@ -343,19 +343,30 @@ GO
 DROP SEQUENCE [dbo].[HMR_SALT_REPORT_H_ID_SEQ];
 GO
 
+-- Step 1: Find the IDs of the inserted role and permission
+DECLARE @RoleID INT;
+DECLARE @PermissionID INT;
+
+SELECT @RoleID = [ROLE_ID] 
+FROM [dbo].[HMR_ROLE]
+WHERE [NAME] = 'Salt Reporting' AND [DESCRIPTION] = 'Submit and view Submitted Annual Salt Report';
+
+SELECT @PermissionID = [PERMISSION_ID] 
+FROM [dbo].[HMR_PERMISSION]
+WHERE [NAME] = 'SALT' AND [DESCRIPTION] = 'Salt Reporting';
+
+-- Step 2: Delete from HMR_USER_ROLE using the captured RoleID
+DELETE FROM [dbo].[HMR_USER_ROLE]
+WHERE [ROLE_ID] = @RoleID;
+
+-- Step 3: Delete from HMR_ROLE_PERMISSION using the captured RoleID and PermissionID
 DELETE FROM [dbo].[HMR_ROLE_PERMISSION]
-WHERE [PERMISSION_ID] IN (
-    SELECT [PERMISSION_ID]
-    FROM [dbo].[HMR_PERMISSION]
-    WHERE [NAME] = 'SALT'
-);
-GO
+WHERE [ROLE_ID] = @RoleID AND [PERMISSION_ID] = @PermissionID;
 
-DELETE FROM [dbo].[HMR_PERMISSION]
-WHERE [NAME] = 'SALT';
-GO
+-- Step 4: Delete from HMR_ROLE
+DELETE FROM [dbo].[HMR_ROLE]
+WHERE [ROLE_ID] = @RoleID;
 
-IF OBJECT_ID('[dbo].[hmr_error_handling]', 'P') IS NOT NULL
-BEGIN
-    DROP PROCEDURE [dbo].[hmr_error_handling];
-END;
+-- Step 5: Delete from HMR_PERMISSION
+DELETE FROM [dbo].[HMR_PERMISSION]
+WHERE [PERMISSION_ID] = @PermissionID;